user at host fun with stunnel

Paul-Andrew Joseph Miseiko esoteric at
Thu Dec 9 00:02:14 EST 2004

Not without modifications to the IRCD source code.

It is probably a better idea to use a client SSL patch with the IRCD.

Or you could just consider the "user at internal.ip" a "feature".

ps. don't run stunnel as root.

Behind every great man is a great woman...and behind every great woman is some guy staring at her butt!

On Wed, 8 Dec 2004, Matt Best wrote:

> Hey again listers,
> I'm in a bit of an interesting quagmire here.  I use stunnel
> ( to offer ircd over SSL to my users.
> This is my stunnel statement:
> /usr/sbin/stunnel -r -d -p
> /etc/ssl/certs/stunnel.pem -o /var/log/stunnel.ext.log
> This reads as "listen on port 8887 and encrypt all connections to this
> port, then redirect to port 6667".  The ircd is listening on 6667.   I
> basically have a standard NAPT gateway in front of the server that
> redirects port 8887 to
> The problem with this, is I think it kinda breaks ident.  When a user
> connects, they are always connected as "root at", instead of
> "user at isp-assigned-ip-address-or-hostname".
> Can anybody think of a way around this?  I understand this may be
> beyond the scope of this list.  Any suggestions are appreciated.
> Thanks.
> Kind regards,
> Matt

More information about the hybrid mailing list